diff options
Diffstat (limited to 'security/osv-scanner')
-rw-r--r-- | security/osv-scanner/Makefile | 11 | ||||
-rw-r--r-- | security/osv-scanner/distinfo | 10 | ||||
-rw-r--r-- | security/osv-scanner/files/patch-internal_sourceanalysis_go.go | 14 |
3 files changed, 17 insertions, 18 deletions
diff --git a/security/osv-scanner/Makefile b/security/osv-scanner/Makefile index 0ce2d86f5e6c..c3f0fa16bbd3 100644 --- a/security/osv-scanner/Makefile +++ b/security/osv-scanner/Makefile @@ -1,23 +1,22 @@ PORTNAME= osv-scanner DISTVERSIONPREFIX= v -DISTVERSION= 1.9.2 -PORTREVISION= 3 +DISTVERSION= 2.2.2 CATEGORIES= security -MAINTAINER= lcook@FreeBSD.org +MAINTAINER= dutra@FreeBSD.org COMMENT= Vulnerability scanner written in Go which uses the OSV database WWW= https://github.com/google/osv-scanner LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.23,modules +USES= go:1.24,modules,run _BUILD_VERSION= ${DISTVERSION} -_BUILD_COMMIT= 1e295ee +_BUILD_COMMIT= 04a8728 _BUILD_DATE= $$(date +%Y-%m-%d) -GO_MODULE= github.com/google/${PORTNAME} +GO_MODULE= github.com/google/${PORTNAME}/v2 GO_TARGET= ./cmd/${PORTNAME} GO_BUILDFLAGS= -ldflags "\ -s -w \ diff --git a/security/osv-scanner/distinfo b/security/osv-scanner/distinfo index a27f12229bee..1a2041a4e6ed 100644 --- a/security/osv-scanner/distinfo +++ b/security/osv-scanner/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1738079186 -SHA256 (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.mod) = 705bf3761bf62eb440e7b3900383d7d3ceee6e20eb412e69831fa5cdbf74b096 -SIZE (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.mod) = 5010 -SHA256 (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.zip) = 395023fb51425d49745e49d970bd05e39d12473916018d50d4ddd2175514c8b6 -SIZE (go/security_osv-scanner/osv-scanner-v1.9.2/v1.9.2.zip) = 7506952 +TIMESTAMP = 1757786339 +SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = d54389929750cc4839c89a8f2083a8d735c105d2aac0a3d90cdfb9a5e8fc998f +SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = 9801 +SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 5dbba62ae3d7fec8f1d61d3cb011b54f8b994ac6b7aa9a33a3f9bee0abf0a70a +SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 12527375 diff --git a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go index c1bbfd93f555..024b5e0dda44 100644 --- a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go +++ b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go @@ -1,11 +1,11 @@ ---- internal/sourceanalysis/go.go.orig 1979-11-29 23:00:00 UTC +--- internal/sourceanalysis/go.go.orig 2025-09-13 17:59:56 UTC +++ internal/sourceanalysis/go.go -@@ -18,7 +18,7 @@ func goAnalysis(r reporter.Reporter, pkgs []models.Pac - ) +@@ -21,7 +21,7 @@ func goAnalysis(pkgs []models.PackageVulns, source mod - func goAnalysis(r reporter.Reporter, pkgs []models.PackageVulns, source models.SourceInfo) { -- cmd := exec.Command("go", "version") -+ cmd := exec.Command("go%%GO_SUFFIX%%", "version") + func goAnalysis(pkgs []models.PackageVulns, source models.SourceInfo) { + // TODO: This will be moved to enrichers which does have context. +- cmd := exec.CommandContext(context.TODO(), "go", "version") ++ cmd := exec.CommandContext(context.TODO(), "go%%GO_SUFFIX%%", "version") _, err := cmd.Output() if err != nil { - r.Infof("Skipping call analysis on Go code since Go is not installed.\n") + cmdlogger.Infof("Skipping call analysis on Go code since Go is not installed.") |